Lock Chrome to a specific version
If your Chrome browser is a managed app deployed from Managed-Google-Play store, configure the option in MGP store to disallow upgrade without MGP administration action even when the app permissisons of the new version are the same as the old one.
Thanks for your Post to Soti central!!
Have you got a chance to test as per above metioned post by raymond in which you can send manage google play payload configuration to your device as it will provide you following options shown below. Just for your information , after selecting Never update option , It will stop updates for all managed google play applications and lock them to ongoing specific version.
Technical Support | SOTI Inc. |+1-888-494-SOTI (7684) | firstname.lastname@example.org | www.soti.net |
Does this actually work? We recently had a lot of challenges with the bad Chrome / System WebView update where I thought that configuration would have prevented the update from happening. Chrome and/or the System WebView are seen as system apps on the devices so they're being implicitly approved and updated automatically by Google Play even though they aren't approved explicitly in Managed Play.
Yes... wasn't the Chrome / Webview problem a horrible problem..... We had the SOTI Kiosk mode crash because of it and had to delete and re-enroll devices to fix....... I wish Google understood the Enterprise!
The best way to stay definitely (including new enrolled devices!) on a specific app version is to install chrome not via playstore but via package/profile. Then only you decide which Version is installed.
- Post script uninstall chrome
- apk file of chrome version you need
But that will also change the WebView implementation from Chrome to the default System WebView which will then continue to get automatic updates from Google Play. The issue isn't so much that Chrome is getting updated its the WebView implementation give the number of applications, including SOTI Lockdown/Kiosk and other hybrid web apps, that rely on WebView.
Following up on this thread, were you able to resolve the issue? If no, Please create a support case(click here) or call SOTI Support team (click here) to get immediate assistance. As we may need to check logs and other information.
Kind Regards, Technical Support | SOTI Inc. |1.905.624.9828 | email@example.com | www.soti.net |
I raised this particular challenge to Google during a event in 2018. When they presented their roadmap and targets for Android Enterprise etc.
I have no troubles using Google Play Store to deploy and manage software which is available for our end-users. However the challenges comes when we need to consider regional aspects of deploying new updates of software in a controlled manner. As it is today using packages with downloaded APK's works but is it good enough when we do not have ordinary channels for the APK repositories.
Based on the security aspects and way of working Google want us to adapt to they should synch a bit more with their EMM partners to adapt the way we can deploy, lock and granularly deploy specific versions of software at our choosing if we manage sites globally with specific offered change windows based on the industries we support via GMS devices.
Amen to that! Managed Play has come a long way but it is still far from offering the granularity of control needed to manage mission critical / line-of-business enterprise device environments. The fact that you can't lock down a specific version of an application is a great example of that. And there is no rollback!
Hey togehter, is there a there a valid and secure source for downloading the current Chrome and Webviewer apk-files?
The only source i know is apkpure.com but im not that sure about the security.